Managing the DGX A100 Self-Encrypting Drives
NVIDIA DGX A100 DU-09821-001 _v01|35
6.6.1.1. Determining Which Drives Can be Managed as
Self-Encrypting
Here is some information about how you can determine which drives can be managed as self-
encrypting.
Review the storage layout of the DGX system to determine which drives are eligible to be
managed as SEDs.
$ sudo nv-disk-encrypt info
The default output shows which drives can be used for encryption and which drives cannot.
The following status information is provided:
‣
SED capable: Is this a self-encrypting drive?
‣
Boot disk: Is this drive currently being used as a boot drive? Does it contain the root
filesystem?
‣
Locked: Is this drive currently in the locked state? Is it able to accept I/O?. It can only be in
this state after the following conditions have been met:
‣
Locking has been enabled (nv-disk-encrypt init, followed by nv-disk-encrypt init
lock)
‣
The drive is coming back from power-off.
‣
The user queries this state prior to it being (automatically) unlocked.
‣
Lock Enabled: Are locks enabled on this drive? It will be in this state after initialization (nv-
disk-encrypt init).
‣
MBR done: This setting is only relevant for drives that support MBR shadowing. On drives
that support this feature, this will report 'Y' after initialization (nv-disk-encrypt init)
MBR done: This setting is only relevant for drives that support MBR shadowing. On drives that
support this feature, this will report 'Y' after initialization (nv-disk-encrypt init)
The following example output snippet shows drives than can be used for encryption. Notice
SED capable = Y and Boot disk = N.
The following example output snippet shows drives than cannot be used for encryption. Notice
SED capable = Y and Boot disk = Y, or SED capable = N.
To Next Page
Loading...
Need help?
General
